Once upon a time there was a girl who had a WoW-related blog, that she hosted herself, on her own domain. She was a lazy girl, so she didn’t write a new post every day, but every so often she would update with her latest adventures and some silly screenshots. All was well.

Then, one day, Wordpress told her a new version of the popular blogging software was available. It told her she should upgrade immediately, because it would fix a security problem.

“Nah,” said the lazy girl, “I will update some other day.”

Many days passed, and the girl did not upgrade.

Then, some two weeks later, the girl looked up the referrers to her blog. For the girl was a curious one, and easily amused by the search terms people used to find her blog. But this time, the girl was not amused. For what she saw was words like “ephedrine” and “phentermine”. Words that had nothing to do with her blog.

Sure enough, the “page viewed” link was a page on her blog, one that she did not recognize. The page redirected the girl’s browser to a shady pharmaceutical site elsewhere on the internet.

The girl realized she had been careless. Her blog had been hacked.

The hacker had been a sneaky one. She did not see any difference on the front page of her blog. There were no sudden big banners or pop-ups. If she had not checked the details of the visitors to her site, she would never have known.

She, at last, upgraded to the latest version of Wordpress, but that did not fix the problem. She had to download the entire content of her blog directory and investigate it with a fine toothed comb to discover what the hacker had done.

In her uploads directory she found a humongous text file with a lot of pharmaceutical search terms in it. She also found a php file in the same folder that created new pages on her blog and redirected those elsewhere. In the index.php file for her blog theme the hacker had added a line that put this malicious hack into effect. Removing this line, and the two files in the uploads directory, was all it took to undo the damage.

However, the girl was worried. What could she do to prevent getting hacked again? She searched the internet for answers, and made a list of tips that she found.

- Keep your Wordpress installation up to date. If it asks you to upgrade, don’t wait – do it.

- (Manually) add a .htaccess file to the wp-admin folder that will only allow your own IP-address to access it. This only works if you have a static IP-address.

- Add a secret key to your wp-config.php file. This will add a strong encryption to your cookies, so even if they get intercepted by hackers they won’t be able to use them.

- Change your passwords often, both to your blog account and to the FTP access to your site. Also check whether your files and directories are CHMODDed properly.

- Check the statistics of your blog every so often. You might find certain search phrases or referrers that will set off alarm bells.

- Keep your Wordpress installation up to date. If it asks you to upgrade, don’t wait – do it. Yes, you have read this tip before. It’s the single most important tip in the list, so it merits repeating.

This list is not fool-proof, nothing ever is, but it should still turn your wordpress blog into an almost unseizable fortress.

The morale of the story?

The girl was embarrassed that she had been so lazy and naive. But she still wanted to share her story here, with other blog owners. Please heed her warnings. Don’t be like her. Take precautions, and know that you run a big risk by running outdated Wordpress software. Don’t assume hackers won’t target you, just because you run a small blog with few visitors – because that’s completely irrelevant. Any blog, any site, is an interesting target as long as it shows up on Google.

Thank you for reading.

(As a sidenote: it’s a tad surprising to see that people even followed these fake links. Really now - would you buy medication from a witch doctor?)

i also experienced something like this before. and just like that girl, i didn't upgrade my wordpress. and because of that i was banned from google index less than a month. real nice info there witch doctor!

Who is online

Users browsing this forum: No registered users and 2 guests

You cannot post new topics in this forumYou cannot reply to topics in this forumYou cannot edit your posts in this forumYou cannot delete your posts in this forumYou cannot post attachments in this forum